package com.testdemo.web.controller;

import java.util.Date;
import javax.annotation.Resource;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import com.labmanager.JsonModule.ResponseBase;
import com.testdemo.web.service.GroupService;
import com.testdemo.web.service.LabService;
import com.testdemo.web.service.MyUserService;
import com.testdemo.web.vo.Group;
import com.testdemo.web.vo.LabInfo;
import com.testdemo.web.vo.LogoutSession;
import com.testdemo.web.vo.MyUser;
import com.testdemo.web.vo.Session;
import com.testdemo.web.vo.SessionManager;
import com.testdemo.web.vo.UserInfo;


@Controller
@RequestMapping("/account")
public class AccountController {
	public AccountController() {
		if(sessionManager == null)
			sessionManager = new SessionManager();
	}
	public static SessionManager sessionManager;
	
	@Resource
	private MyUserService userService;
	@Resource
	private GroupService groupService;
	@Resource
	private LabService labService;
	/**
	 * @param user 登陆者实例
	 * @return 
	 */
	@RequestMapping(value = "/login", method = RequestMethod.POST)
	@ResponseBody
	public ResponseBase login(@RequestBody MyUser user) {
		//检验数据合法性
		ResponseBase responseBase = new ResponseBase();
		if(!user.checkData()) {
			responseBase.setStatus(-1);
			responseBase.setMessage("请求数据错误");
			responseBase.setData("");
			return responseBase;
		}
		//查询用户是否存在
		MyUser seluser = userService.selectUserByNamePsw(user.getUsername(), user.getPassword());
		if(seluser == null) {
			responseBase.setStatus(-1);
			responseBase.setMessage("请求数据错误");
			responseBase.setData("");
			return responseBase;
		}
		if(seluser.getLevel() == 0) {
			responseBase.setError(-1, "您的申请正在审核，请等待审核通过后再登录");
			return responseBase;
		}
		//生成access_token
		Session session = new Session();
		session.access_token = user.getUsername();
		session.username = user.getUsername();
		session.endTime = new Date();
		session.setLevel(seluser.getLevel());
		sessionManager.addSession(session);
		responseBase.setData(session);
		return responseBase;
	}
	
	@RequestMapping(value = "/register", method = RequestMethod.POST)
	@ResponseBody
	public ResponseBase register(@RequestBody MyUser user) {
		//检验数据合法性
		ResponseBase responseBase = new ResponseBase();
		if(!user.checkData()) {
			responseBase.setStatus(-1);
			responseBase.setMessage("请求数据错误");
			responseBase.setData(null);
			return responseBase;
		}
		//插入该用户
		int status = userService.insertMyUser(user);
		if(status == 0){
			responseBase.setStatus(1);
			responseBase.setMessage("用户已注册");
			responseBase.setData(null);
			return responseBase;
		}
		//组装json数据包
		return responseBase;
	}
	
	
	@RequestMapping(value = "/logout",method = RequestMethod.POST)
	@ResponseBody
	public ResponseBase Logout(@RequestBody LogoutSession logoutSession) {
		//检验数据合法性
		ResponseBase responseBase = new ResponseBase();
		if(!logoutSession.checkData()) {
			responseBase.setStatus(-1);
			responseBase.setMessage("请求数据错误");
			responseBase.setData(null);
			return responseBase;
		}
		//删除用户
		if(sessionManager.selectSessionByAccessToken(logoutSession.getSession()) == null || sessionManager.selectSessionByUserName(logoutSession.getUsername()) == null) {
			responseBase.setStatus(1);
			responseBase.setMessage("当前用户不在线");
			responseBase.setData(null);
			return responseBase;
		}
		sessionManager.deleteSession(logoutSession.getSession());
		return responseBase;
	}
	
	
	@RequestMapping(value = "/updateinfo",method = RequestMethod.POST)
	@ResponseBody
	public ResponseBase UpdateInfo(@RequestBody UserInfo userInfo) {
		ResponseBase responseBase = new ResponseBase();
		if(!userInfo.checkData()) {
			responseBase.setStatus(-1);
			responseBase.setMessage("请求数据错误");
			responseBase.setData(null);
			return responseBase;
		}
		//检查用户是否在线
		if(sessionManager.selectSessionByAccessToken(userInfo.getSession()) == null || sessionManager.selectSessionByUserName(userInfo.getUsername()) == null) {
			responseBase.setStatus(1);
			responseBase.setMessage("当前用户不在线");
			responseBase.setData(null);
			return responseBase;
		}
		//检查是设置还是修改，修改的话是禁止在这里修改所属实验室的
		UserInfo userInfoInDao = userService.selectUserInfoByName(userInfo.getUsername());
		//第一次设置
		if(null == userInfoInDao) {
			int status = userService.insertUserInfo(userInfo);
			if(status == 0) {
				//插入失败
				responseBase.setStatus(-102);
				responseBase.setMessage("系统错误，请稍后再试，或者联系管理员，error code：Account138");
				responseBase.setData(null);
				return responseBase;
			}
			responseBase.setData(userInfo);
		}else {
			//不是第一次设置
			//先验证是否修改了所属实验室
			if(userInfoInDao.getLabid() != userInfo.getLabid()) {
				//确认修改了所属实验室，返回错误
				responseBase.setStatus(2);
				responseBase.setMessage("所属实验室禁止在当前页面修改");
				responseBase.setData(null);
				return responseBase;
			}
			//没有修改所属实验室，执行更新操作
			int status = userService.updateUserInfo(userInfo);
			if(status == 0) {
				//更新失败
				responseBase.setStatus(-102);
				responseBase.setMessage("系统错误，请稍后再试，或者联系管理员，error code：Account157");
				responseBase.setData(null);
				return responseBase;
			}
			responseBase.setData(userInfo);
		}
		return responseBase;
	}
	
	
	@RequestMapping(value = "/getuserinfo",method = RequestMethod.POST)
	@ResponseBody
	public ResponseBase GetUserInfo(@RequestBody UserInfo userInfo) {
		ResponseBase responseBase = new ResponseBase();
		
		//检验数据合法性
		if(!userInfo.checkData() || userInfo.getUsername() == null) {
			responseBase.setStatus(-1);
			responseBase.setMessage("请求数据错误");
			responseBase.setData(null);
			return responseBase;
		}
		
		//检查用户是否在线
		if(sessionManager.selectSessionByAccessToken(userInfo.getSession()) == null) {
			responseBase.setStatus(1);
			responseBase.setMessage("你还没有登陆，不能查询用户信息");
			responseBase.setData(null);
			return responseBase;
		}
		//开始查询
		
		UserInfo userInfoBySelect = userService.selectUserInfoByName(userInfo.getUsername());
		//检查查询到的数据是否存在
		if(userInfoBySelect == null) {
			responseBase.setStatus(2);
			responseBase.setMessage("要查询的用户不存在");
			responseBase.setData(null);
			return responseBase;
		}
		//检查是否具有权限查看该条消息
		Session session = sessionManager.selectSessionByAccessToken(userInfo.getSession());
		int labid = userService.selectUserInfoByName(session.getUsername()).getLabid();
		
		if(userInfoBySelect.getLabid() != labid) {
			//没有权限查看该条消息
			responseBase.setStatus(3);
			responseBase.setMessage("你没有权限查看此用户的信息");
			responseBase.setData(null);
			return responseBase;
		}
		//判断是否是本人
		if(userInfo.getUsername().equals(session.getUsername())) {
			responseBase.setData(userInfoBySelect);
			return responseBase;
		}
		//判断查询者是不是小组组长
		userInfo = userService.selectUserInfoByName(session.getUsername());
		Group group = groupService.selectGroupByUsername(userInfo.getUsername()) ;
		//判断是不是实验室负责人
		LabInfo labInfo = labService.selectLabinfoById(userInfo.getLabid());
		if((group == null || group.getGroupid()!=userInfoBySelect.getGroupid()) && (!labInfo.getUsername().equals(userInfo.getUsername()))) {
			responseBase.setError(-1, "你没有权限查看");
			return responseBase;
		}
		responseBase.setData(userInfoBySelect);
		return responseBase;
	}
	
	@RequestMapping(value = "/changepsw",method = RequestMethod.POST)
	@ResponseBody
	public ResponseBase ChangePassWord(@RequestBody MyUser user) {
		ResponseBase responseBase = new ResponseBase();
		//检查数据
		if(!user.checkData()) {
			responseBase.setError(-1, "请求数据有误");
			return responseBase;
		}
		//检查是否登陆
		Session session = sessionManager.selectSessionByAccessToken(user.getSession());
		if(session == null) {
			responseBase.setError(-1, "你还未登陆，请登陆后操作");
			return responseBase;
		}
		if(!session.getUsername().equals(user.getUsername())) {
			responseBase.setError(-1, "你无权修改他人密码");
			return responseBase;
		}
		userService.updatePassWord(user);
		return responseBase;
	}
}
